From: Operating system: Windows Server 2003 - IIS 6 PHP version: 5.3.8 Package: Session related Bug Type: Bug Bug description:Session Error When Browsing Between Secure and Non-Secure Subdirectories
Description: ------------ Configuration: Windows Server 2003 SP2 + IIS 6.0 + PHP 5.3.8 + FastCGI 1.5 (We have session.auto_start set to true in our php.ini file.) When a user browses to a secure application, let's call it "Application A," which can either be under SSL or just have anonymous access turned off through IIS and therefore requires authentication, then browses to another application, we'll call "Application B," that does not require authentication, PHP throws the following error: Error: [2] Unknown: open(D:\PHP\Session\\sess_9ksat3tm0nk8lbfcfgk3pp99o0, O_RDWR) failed: Permission denied (13) File: http://www.mysite.com/mypage.php Line: 0 Error: [2] Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (D:\PHP\Session\) File: http://www.mysite.com/mypage.php Line: 0 The reverse scenario also results in the error -- if the user browses to Application B (no authentication) and then to Application A (which requires authentication). I was able to prevent the error from occurring by turning anonymous access off in Application B, which forces the user to authenticate when accessing Application B. However, this is not a viable solution because we have to allow users to access public web applications without forcing them to authenticate. So, simply put: How can we allow users to browse between secure sites and public sites knowing that PHP wants to read/write to the same session data file across these various sites, which causes the error as soon as the user goes from a secure site to a public site or vice versa? -- Edit bug report at https://bugs.php.net/bug.php?id=60411&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=60411&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=60411&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=60411&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=60411&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=60411&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=60411&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=60411&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=60411&r=needscript Try newer version: https://bugs.php.net/fix.php?id=60411&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=60411&r=support Expected behavior: https://bugs.php.net/fix.php?id=60411&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=60411&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=60411&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=60411&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=60411&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=60411&r=dst IIS Stability: https://bugs.php.net/fix.php?id=60411&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=60411&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=60411&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=60411&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=60411&r=mysqlcfg
